THREAT OPS › CVEs › CVE-2026-20182
CVE-2026-20182 — Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
Vulnerability details
- Affected productsCatalyst SD-WAN
- KEV remediation due2026-05-17
Related reporting
- [CISA KEV] CVE-2026-20182 — Cisco Catalyst SD-WAN: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisa_kev
- Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Managermandiant_gti
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerabilitycisco_psirt
- Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerabilitycisco_psirt
- May 2026 CVE Landscaperecordedfuture